[OpenAFS] Testing OpenAFS with Windows XP Roaming Profiles....

[Christopher D. Clausen]

Claudio Prono <claudio.prono@atpss.net> wrote:
>> I am testing a solution like: OpenAFS with kerberos, Windows XP with
>> Integrated logon and roaming profile.
>>
>> OpenAFS works, Kerberos works, integrated logon works... The profile on
>> AFS not.
>>
>> I have manually copied the profile in a directory on AFS like
>> "msprofile", edited the windows registry at key:
>>
>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
>> NT\CurrentVersion\ProfileList and changed the key ProfileImagePath to
>> \\afs\mediaservice-test.pri\users\claudio\msprofile
>>
>> Deleted the local profile, rebooted the machine, logged in as claudio...
>> and...a new local profile was created!!! If i check the registry key, it
>> is changed again to the default (something like %SystemDrive%\Documents
>> and Settings\claudio.TESTAFS)...
>>
>> What i am doing wrong? What is the best solution?

Are you literally changing the registry?  And not doing things the supported 
way by setting the user profile path within Active Directory?  I'd say the 
best solution is to NOT edit the registry directly to change a profile 
location.

There are some group policy settings to disable windows trying to change 
permissions on the profile path.  I suspect this might be causing problems 
as Windows does not know how to set AFS permissions and if this attempt 
fails, Windows reverts to a local profile.

Also, you might need to set at least system:anyuser l on the folder so that 
the computer itself (without AFS credentials) can see that the folder exists 
before trying to use it as a profile path.  I am not sure about that though.

<<CDC